What is YARA?

YARA is a tool aimed at helping malware researchers to identify and classify malware samples. It allows you to create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. A YARA rule consists of a set of strings and a boolean expression. YARA rules are commonly used for malware analysis, threat hunting, and incident response to identify malware samples or other malicious artifacts based on specific patterns or characteristics.

Find 771 organizations using YARA on Sumble →

What other technologies are related to YARA?

YARA Competitor Technologies

Snort

Snort is an open-source intrusion detection and prevention system (IDPS) that uses rules to detect malicious activity. While YARA focuses on pattern matching for malware identification, Snort focuses on network traffic analysis, they are conceptually similar in that they perform rule-based detection, and some rules may accomplish similar goals. They are often used together in a layered approach to security.

Suricata

Suricata is another open-source intrusion detection and prevention system (IDPS) that, like Snort, uses rules to detect malicious activity in network traffic. It offers similar functionality for network-based threat detection as Snort and can be used to achieve the same outcome as YARA rules used for that purpose.

YARA-L

YARA-L is a language made by Google, which is used to search for threats in logs. YARA-L is designed for searching through logs, whereas traditional YARA is more often used on files, but they serve similar purposes.

Number of organizations that mention technology

ⓘ Tap on a tech to explore matching organizations

YARA Complementary Technologies

Open IOC

No summary available

OpenIOC is a framework for describing and sharing threat intelligence. YARA rules can be used to detect the presence of indicators of compromise (IOCs) defined in OpenIOC format. While OpenIOC provides a structure for describing the IOCs, YARA provides the means of finding them.

OpenIOC

Duplicate of OpenIOC above.

Perl Compatible Regular Expressions

No summary available

PCRE are used in YARA rules to perform advanced text matching. PCRE is a regular expression engine, which is a component of YARA's rule syntax.

Number of organizations that mention technology

Perl Compatible Regular Expressions

ⓘ Tap on a tech to explore matching organizations

Which job functions commonly mention YARA?

SIEM Engineer

0.7% of all SIEM Engineer jobs mention YARA

View 32 jobs on Sumble

Security Analyst

0.3% of all Security Analyst jobs mention YARA

View 170 jobs on Sumble

IT Security

0.2% of all IT Security jobs mention YARA

View 184 jobs on Sumble

Security Engineer

0.2% of all Security Engineer jobs mention YARA

View 692 jobs on Sumble

Analyst

457 Analyst jobs mention YARA

View 457 jobs on Sumble

See more or filter by date, location, industry, etc →

Which organizations are mentioning YARA?

Leidos

Professional Services

Deloitte

Professional Services

Rapid7

Scientific and Technical Services

Morgan Stanley

Finance and Insurance

Lockheed Martin

Manufacturing

See more or filter by date, location, industry, etc →

Summary powered by

Sumble

Find the right accounts, contact, message, and time to sell

Whether you're looking to get your foot in the door, find the right person to talk to, or close the deal — accurate, detailed, trustworthy, and timely information about the organization you're selling to is invaluable.

Use Sumble to:

Sign in to continue exploring

or

Book a call to discuss your needs

**YARA**

What is YARA?

What other technologies are related to YARA?

YARA Competitor Technologies

YARA Complementary Technologies

Which job functions commonly mention YARA?

Which organizations are mentioning YARA?

Find the right accounts, contact, message, and time to sell

YARA